The invention relates in general to the field of computer-implemented methods for managing cryptographic objects in a system comprising hardware security modules (HSMs) interacting with computerized clients, as well as related computerized systems. In particular, it is directed to methods aiming at mitigating (i.e., postponing or even preventing) entropy depletion in a key management system of HSMs.
Key management relates to the management of cryptographic keys in a cryptosystem, which involves operations such as the generation, storage, use, destruction and replacement of keys. Key management requires specific cryptographic protocols, key servers, and other procedures.
Generally, a key management system (KMS) is a system that generates, distributes and, more generally, manages cryptographic keys for clients (devices, applications). A KMS may handle several aspects of security, these ranging from secure generation of keys up to secure key handling and storage on the clients. A KMS typically includes a backend functionality for key generation, distribution, and replacement. It may further integrate specific client functionalities for injecting keys, storing and managing keys on the client devices.
Key management and key management systems are becoming increasingly important for the security of connected devices and applications with the development of the Internet of things and cloud computing.
Hardware security modules (HSMs) are physical computing devices that protect and manage keys for performing cryptographic operations (i.e., crypto-processing) and strong authentication. Such modules are physical devices (e.g., plug-in cards) that typically attach directly to a computer (e.g., a network server).
HSMs typically comprise secure crypto-processor chips to prevent tampering and bus probing. In general, HSMs may be designed to provide tamper evidence and tamper resistance (e.g., to delete keys upon tamper detection). HSM systems are sometimes able to securely back up keys they manage. HSMs are typically clustered to provide high availability and, as such, conform to high-availability requirements of modern data center environments. They may notably form part of infrastructures such as online banking applications and public key infrastructures.
Amongst other functions, a HSM may rely on specific hardware, which typically exploits a physical process, to create a sufficient source of randomness (characterized by entropy). The available randomness is, in turn, used to generate random keys.
In such HSMs, the random number generation (RNG) process is restricted by the amount of available entropy in the entropy pool of the HSM. When the entropy pool happens to be depleted (e.g., during high loads), no RNG can be performed anymore. In such cases, keys and initialization vectors (IVs) cannot be generated anymore; their generation is delayed until more entropy is available. Thus, performance of KMSs can suffer during high loads.